Wait a minute...
Ok, as I said first I'm not really sure about the resources needed in the first place but when we start with a phrase and add a single spelling error, aren't the possibilities for it reaching the same results as in trying all combination of private keys? I had a pretty bad day and I'm tired so maybe I'm saying something stupid but taking a phrase like the one in the example:
When you're generating a random private key, you are guaranteed your 128-256 bits of security. But when you start messing with brainwallets, you'll never know how much bits of security you actually have, because the space of potential values is unknown, and humans also don't choose these values randomly, some words/phrases are much more common than others, even if they seem to be uncommon.
Potential attackers could try to make a lot of optimizations for hacking brainwallets, for example they can make a psychological profile of an average Bitcoin users, for example they might be more likely to be nerdy, so they will be looking for phrases from sci-fi books, videogames, cult classic movies, etc. The way people try to make passwords more complex can also be predictable, they often put numbers in the end, use l33tspeach, capitalize the first or the last letter, etc.
Also, this thing with misspelling a phrase can backfire if you'll forget where you made a mistake, in that case you'll have to do some trial and error or even write a script to bruteforce your brainwallet.
